HackDig : Dig high-quality web security articles for hackers

Context Counts: Introducing TARDIS

Noise is a problem. As information security practitioners, we’ve been dealing with the problem of the signal-to-noise ratio for a long time. The solution hasn’t really changed, but the landscape certainly has. Ultimately, what drives noise down and elevates signal is context. For his presentation at Black Hat USA, Travis Smith, a fellow Tripwiria
Publish At:2015-08-11 04:10 | Read:4039 | Comments:0 | Tags:Featured Articles Vulnerability Management black hat ELK sec

Integrating VirusTotal within ELK

[This blog post has also been published as a guest diary on isc.sans.org] Visualisation is key when you need to keep control of what’s happening on networks which carry tons of malicious files every day. virustotal.com is a key player in fighting malware on a daily basis. Not only can you submit and search for samples on their website, but they also prov
Publish At:2015-07-28 16:45 | Read:4252 | Comments:0 | Tags:ELK Security Malware Software Virustotal Virus

Black Hat ’15 Preview: My Bro the ELK

Cyber-attacks are continually increasing in scope and complexity; advanced persistent threats are becoming more difficult to detect; and over the past decade, there has been a growing “detection deficit,” according to the 2015 Verizon Data Breach Report. While 60 percent of attackers are able to gain access within minutes, the detection of attacks is usually
Publish At:2015-07-10 05:40 | Read:3187 | Comments:0 | Tags:Featured Articles Security Controls black hat ELK Open Sourc

TweetSniff.py – a Python Tweets Grabber

For me, Twitter is not only a social network, it’s also a tool that I use daily to track and exchange news about information security with a large worldwide community of infosec professionals. For a while now, Twitter has been my main source of information. When you rely on a service like Twitter to collect information, you must have the right tools to han
Publish At:2014-12-22 23:20 | Read:2886 | Comments:0 | Tags:ELK Software Elasticsearch Python Twitter

Automatic MIME Parts Scanning with VirusTotal

Here is a Python script that I developed for my personal use: mime2vt.py. I decided to release it because I think it could be helpful for many of you. In 2012, I started a project called CuckooMX. The goal was to automatically scan email attachments with Cuckoo to find potentially malicious files. Unfortunately, the project never reached a milestone to
Publish At:2014-12-15 15:45 | Read:4704 | Comments:0 | Tags:ELK Security Attachments Mail MIME Python Tool Virustotal Vi
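The VirusTotal-in-ELK post and the mime2vt.py post above describe the same pipeline: pull the MIME parts out of a mail, hash each attachment, ask VirusTotal what it knows about the hashes, and feed the verdicts into Elasticsearch. The following is an added example written for this page; it is not code from either post, from mime2vt.py or from the ELK integration. The e-mail it scans is constructed inline, and the VirusTotal lookup is replaced by a constructed in-memory table (FAKE_VT_RESULTS) so it runs offline; a real deployment would query VirusTotal's file-report endpoint with the same SHA-256 and map the response into the same fields.

```python
"""Scan MIME parts of an e-mail and enrich them with VirusTotal-style verdicts.

Added example for this page, not mime2vt.py and not the ELK integration from
the posts above. The VirusTotal lookup is replaced by FAKE_VT_RESULTS, a
constructed in-memory table, so the code runs offline.
"""
import email
import hashlib
import json
from datetime import datetime, timezone
from email import policy
from email.message import EmailMessage

# Constructed attachment contents used by the sample message below.
MALICIOUS_SAMPLE = b"MZ\x90\x00fake-executable-bytes"
BENIGN_SAMPLE = b"%PDF-1.4 harmless"

# Constructed stand-in for VirusTotal results, keyed by SHA-256. Assumption:
# a real lookup yields at least a positives/total pair for known hashes.
FAKE_VT_RESULTS = {
    hashlib.sha256(MALICIOUS_SAMPLE).hexdigest(): {"positives": 37, "total": 57},
}


def build_sample_message() -> bytes:
    """Constructed sample e-mail: a text body plus two attachments."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "victim@example.com"
    msg["Subject"] = "Invoice"
    msg.set_content("Please find the invoice attached.")
    msg.add_attachment(MALICIOUS_SAMPLE, maintype="application",
                       subtype="octet-stream", filename="invoice.exe")
    msg.add_attachment(BENIGN_SAMPLE, maintype="application",
                       subtype="pdf", filename="notes.pdf")
    return msg.as_bytes()


def extract_attachments(raw: bytes):
    """Yield (filename, content_type, payload) for every leaf MIME part that
    is an attachment or a non-text body; the plain-text body is skipped."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    for part in msg.walk():
        if part.is_multipart():
            continue  # containers carry no payload of their own
        filename = part.get_filename()
        if filename is None and part.get_content_maintype() == "text":
            continue
        yield (filename or "unnamed", part.get_content_type(),
               part.get_payload(decode=True))


def hash_payload(data: bytes) -> dict:
    """MD5/SHA-1/SHA-256 so the record matches whatever hash a feed uses."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def lookup_hash(sha256: str, table=FAKE_VT_RESULTS):
    """Hash-only lookup: nothing is uploaded, so confidential attachments are
    never disclosed to a third party. Returns None for unknown hashes."""
    return table.get(sha256)


def scan_message(raw: bytes, table=FAKE_VT_RESULTS) -> list:
    """One flat record per attachment, ready to ship to Elasticsearch."""
    records = []
    for filename, content_type, data in extract_attachments(raw):
        hashes = hash_payload(data)
        verdict = lookup_hash(hashes["sha256"], table)
        records.append({
            "@timestamp": datetime.now(timezone.utc).isoformat(),
            "filename": filename,
            "content_type": content_type,
            "size": len(data),
            **hashes,
            "vt_known": verdict is not None,
            "vt_positives": verdict["positives"] if verdict else None,
            "vt_total": verdict["total"] if verdict else None,
        })
    return records


def to_ndjson(records: list) -> str:
    """Newline-delimited JSON, one record per line, for the Logstash json
    codec or a direct Elasticsearch bulk index."""
    return "".join(json.dumps(r) + "\n" for r in records)


if __name__ == "__main__":
    print(to_ndjson(scan_message(build_sample_message())), end="")
```

Two design points carry over to a real deployment: look hashes up before ever considering an upload, so mail that is confidential never leaves your network unless you decide it should, and emit one flat record per attachment with an @timestamp and the three common hashes, so Kibana can pivot from a hash seen in mail to the same hash seen in any other feed.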
